Anti Rootkit Blog

Sophos, a computer security firm says it has discovered the first virus that uses music publisher Sony BMG’s controversial CD copy-protection software to hide itself on PCs. The virus, Sophos has named Stinx-E is a trojan which was mass mailed to British email addresses.

The virus itself does not have Rootkit capabilities but it uses the Rootkit that was installed by thousands of people when they tried to play particular Sony Music CDs. A full list of these CDs can be found in the Article section. The virus is hidden behind the Sony BMG Rootkit so unless you can find and remove the Rootkit you will not be able to find the Virus.

“This leaves Sony in a real tangle. It was already getting bad press about its copy-protection software, and this new hack exploit will make it even worse,” said Graham Cluley of Sophos.

Keep Safe

regards
Steo
www.antirootkit.com

Sony have again further enraged users by saying that because not many people know about rootkits it is ok to use them. This attitude is quiet laughable and not what you would expect from a Sony president in light of the conteversy that currently surrounds Sony and the use of the rootkit in their DRM software.Thomas Hesse, the president of SonyBMG’s global digital business division, said in a radio interview last week that its use of rootkits is not an issue to the everyday user.”Most people don’t even know what a rootkit is, so why should they care about it?” he said in the interview with radio company NPR.

Keep Safe

regards
Steo
www.antirootkit.com

Sony’s recent use of a rootkit in it’s Digital Rights Management software has meant that other music giants are now under the spotlight with regards to the software they use and whether they use the same stealth technology that Sony uses. It is not surprising then that users are now more alert to what gets installed on their PC when they listen to music. Recent revelations that the Sony software actually contacts a server everytime a CD is played also adds to the sense of paranoia.
EMI have distanced themselves from the company that Sony used for its Digital Rights Management, First 4 Internet. EMI have said that although it looked at the software from First 4 Internet they had not used it when they made their final decision.

Keep Safe

regards
Steo
www.antirootkit.com

Sony’s problems just seem to get worse every day at the moment. The bad publicity they have from using a rootkit in their Digital Rights Management software has been further compounded by the fact that the a group based in Milan called the ALCEI-EFI (Association for Freedom in Electronic Interactive Communications – Electronic Frontiers Italy) filed a complaint Friday about Sony’s software with the head of Italy’s cyber-crime investigation unit, Colonel Umberto Rapetto of the Guardia di Finanza.The Italian group says that what Sony did and the software they used is illegal in Italy and they intend on making a point of it to protect ordinary users from being spied upon by the music giant. The group also intend to bring the case to a European court and further their case against Sony across Europe.

Sony Executives in their defence of the Rootkit, that is installed when a user tries to listen to certain Sony CD’s, have said that the rootkit does not try to contact any of Sony’s servers when a music CD is played. The rootkit is used to hide the files to ensure the Sony Digital Rights Management is not circumnavagited.Mark Russinovich’s latest Blog shows how he found out that the software was actually trying to contact a Sony server everytime the CD was played. In a detailed account of tools used and screenshots to match he has shown what exactly happens when a CD is played. This is another great bit of news for the internet community who need people like Mark to keep an eye on the big guys for the little guys. Well done Mark.

Keep Safe,

regards
Steo
www.antirootkit.com